ModSecurity Console

WAF-FLE 0.5, initial release

Today I’m happy to release, the first version of WAF-FLE (version 0.5), at OWASP AppSec’11 Latam, a new console for Modsecurity , that fills the gap for a OpenSource console for modsecurity.

The code is (as probably all initial releases) subject to bugs, and should be used with care, but my own use shows that it can handle lots of events even in an old server. Supporting peaks of 180 events per second, keeping more than 10 million events in the database (with tittle performance degradation).

I believe that the Filter (used to drill down events) is the most significant feature in this release, once it allows the user to quickly find an event or filter out what he doesn’t want.